APIs: The good, the bad, the ugly

6 likes8,017 views

The document discusses the strengths and weaknesses of API documentation, highlighting good aspects like interactivity and consistency, while noting problems such as outdated information and inconsistencies in data formats. It also addresses authentication and error handling, emphasizing the importance of user-friendly error messages and stable methods for managing permissions. Lastly, it provides resources for further exploration of documentation standards and versioning.

Software Technology Entertainment & Humor

APIs:
The good, the bad, the ugly
@MicheleTitolo

APIs: The good, the bad, the ugly

APIs: The good, the bad, the ugly

What we’ll cover

Documentation

The Good

It exists

Bonus: it’s interactive

I/O Docs

The Bad

Docs aren’t updated

The Ugly

Documentation?

APIs: The good, the bad, the ugly

URLs

The Good

Consistency

/users/22445
/products/3156
/movies/127/times

The Bad

Inconsistency

/users/22445
/reviews/3156
/times/127
Not review or time id’s

The Ugly

“Send GET to /remove to
delete”

APIs: The good, the bad, the ugly

Payloads

The Good

APIs: The good, the bad, the ugly

You have all the data you need

The Bad

Endpoint “id” field
/products id
/products/:id productID
/cart product_id

Yes, this actually happened

Change

We expect certain things

...like image urls having http://

...like dates sent in the same
format

We expect certain things
to not change

The Ugly

JSON containing HTML

APIs: The good, the bad, the ugly

APIs: The good, the bad, the ugly

Unstable

APIs: The good, the bad, the ugly

Authentication

The Good

HTTP Basc Auth over SSL

...when SSL is secure

OAuth

The Bad

OAuth

APIs: The good, the bad, the ugly

The Ugly

APIs: The good, the bad, the ugly

APIs: The good, the bad, the ugly

Authorization

The Good

App requests permissions

The Bad

A single API key

The Ugly

Authorization?

goto fail;

APIs: The good, the bad, the ugly

APIs: The good, the bad, the ugly

Errors

The Good

Error codes

Error message in response

Human readable error
message

The Bad

“There was an error”

APIs: The good, the bad, the ugly

The Ugly

APIs: The good, the bad, the ugly

APIs: The good, the bad, the ugly

APIs: The good, the bad, the ugly

Caching

The Good

Using one of the standards

Cache-Control

If-Modified-Since

etags

The Bad

Manually processing data

The Ugly

Caching

APIs: The good, the bad, the ugly

APIs: The good, the bad, the ugly

In Summary

Consistency

Conventions

Simple

Questions?
@MicheleTitolo

• JSONSchema, RAML, API Blueprint,
• HTTP 1.1 Spec: http://www.w3.org/Protocols/rfc2616/
rfc2616.html
• Charles, Postman
• http://runscope.com, also http://newrelic.com for
backend analytics
• Versioning: http://apiux.com/2013/05/14/api-
versioning/
Q&A Resources

Ad

Recommended

PDF

APIs: The Good, The Bad, The Ugly

PDF

Создание API, которое полюбят разработчики. Глубокое погружение

PDF

Beautiful APIs - SOSE2021 Keynote

Cesare Pautasso

PDF

Mobile and API identity – The New Challenges

CA API Management

PPTX

Documenting an API for the First Time? Quick-Start Tips for Your First API Do...

Petko Mikhailov

PPTX

3 things your app API is doing WRONG

PDF

Designing your API Server for mobile apps

PDF

API Basics

Ritul Chaudhary

PPTX

Trends in Web APIs Layer 7 API Management Workshop London

CA API Management

PDF

zendframework2 restful

PPTX

RESTful design

PDF

Don't screw it up! How to build durable API

Alessandro Cinelli (cirpo)

PPTX

Rest WebAPI with OData

KEY

Enter the app era with ruby on rails (rubyday)

PDF

Web Services PHP Tutorial

PPT

REST

Andreas Bjärlestam

PPTX

Familiarity Breeds Contempt (Or why all APIs suck, even yours.)

Stephen Darlington

PDF

Enter the app era with ruby on rails

PDF

Consumer centric api design v0.4.0

PPT

Programming With Amazon, Google, And E Bay

PPTX

API Design - When to buck the trend (Webcast)

Apigee | Google Cloud

PPTX

REST Methodologies

PDF

Web REST APIs Design Principles

Anji Beeravalli

PDF

Apidays New York 2024 - Build a terrible API for people you hate by Jim Benne...

PDF

API Design & Security in django

Tareque Hossain

PPTX

Webservices: The RESTful Approach

Mushfekur Rahman

PDF

Crafting Consumable APIs

PDF

12 core technologies you should learn, love, and hate to be a 'real' technocrat

PDF

Writing Design Docs for Wide Audiences

PDF

Beam Me Up: Voyaging into Big Data

More Related Content

PDF

APIs: The Good, The Bad, The Ugly

PDF

Создание API, которое полюбят разработчики. Глубокое погружение

PDF

Beautiful APIs - SOSE2021 Keynote

Cesare Pautasso

PDF

Mobile and API identity – The New Challenges

CA API Management

PPTX

Documenting an API for the First Time? Quick-Start Tips for Your First API Do...

Petko Mikhailov

PPTX

3 things your app API is doing WRONG

PDF

Designing your API Server for mobile apps

PDF

API Basics

Ritul Chaudhary

APIs: The Good, The Bad, The Ugly

Создание API, которое полюбят разработчики. Глубокое погружение

Beautiful APIs - SOSE2021 Keynote

Cesare Pautasso

Mobile and API identity – The New Challenges

CA API Management

Documenting an API for the First Time? Quick-Start Tips for Your First API Do...

Petko Mikhailov

3 things your app API is doing WRONG

Designing your API Server for mobile apps

API Basics

Ritul Chaudhary

Similar to APIs: The good, the bad, the ugly (20)

PPTX

Trends in Web APIs Layer 7 API Management Workshop London

CA API Management

PDF

zendframework2 restful

PPTX

RESTful design

PDF

Don't screw it up! How to build durable API

Alessandro Cinelli (cirpo)

PPTX

Rest WebAPI with OData

KEY

Enter the app era with ruby on rails (rubyday)

PDF

Web Services PHP Tutorial

PPT

REST

Andreas Bjärlestam

PPTX

Familiarity Breeds Contempt (Or why all APIs suck, even yours.)

Stephen Darlington

PDF

Enter the app era with ruby on rails

PDF

Consumer centric api design v0.4.0

PPT

Programming With Amazon, Google, And E Bay

PPTX

API Design - When to buck the trend (Webcast)

Apigee | Google Cloud

PPTX

REST Methodologies

PDF

Web REST APIs Design Principles

Anji Beeravalli

PDF

Apidays New York 2024 - Build a terrible API for people you hate by Jim Benne...

PDF

API Design & Security in django

Tareque Hossain

PPTX

Webservices: The RESTful Approach

Mushfekur Rahman

PDF

Crafting Consumable APIs

PDF

12 core technologies you should learn, love, and hate to be a 'real' technocrat

Trends in Web APIs Layer 7 API Management Workshop London

CA API Management

zendframework2 restful

RESTful design

Don't screw it up! How to build durable API

Alessandro Cinelli (cirpo)

Rest WebAPI with OData

Enter the app era with ruby on rails (rubyday)

Web Services PHP Tutorial

REST

Andreas Bjärlestam

Familiarity Breeds Contempt (Or why all APIs suck, even yours.)

Stephen Darlington

Enter the app era with ruby on rails

Consumer centric api design v0.4.0

Programming With Amazon, Google, And E Bay

API Design - When to buck the trend (Webcast)

Apigee | Google Cloud

REST Methodologies

Web REST APIs Design Principles

Anji Beeravalli

Apidays New York 2024 - Build a terrible API for people you hate by Jim Benne...

API Design & Security in django

Tareque Hossain

Webservices: The RESTful Approach

Mushfekur Rahman

Crafting Consumable APIs

12 core technologies you should learn, love, and hate to be a 'real' technocrat

Ad

More from Michele Titolo (20)

PDF

Writing Design Docs for Wide Audiences

PDF

Beam Me Up: Voyaging into Big Data

PDF

Tackling the Big, Impossible Project

PDF

No Microservice is an Island

PDF

From iOS to Distributed Systems

PDF

More than po: Debugging in LLDB

PDF

APIs for the Mobile World

PDF

Swift Generics in Theory and Practice

PDF

Protocols promised-land-2

PDF

Multitasking

PDF

Making friendly-microservices

PDF

More Than po: Debugging in LLDB @ CocoaConf SJ 2015

PDF

The Worst Code

PDF

More than `po`: Debugging in lldb

PDF

Can't Handle My Scale v2

PDF

Can't Handle My Scale

PDF

Cocoa Design Patterns in Swift

PDF

Mastering the Project File (AltConf)

PDF

APIs: The Ugly

PDF

That's Not My Code!

Writing Design Docs for Wide Audiences

Beam Me Up: Voyaging into Big Data

Tackling the Big, Impossible Project

No Microservice is an Island

From iOS to Distributed Systems

More than po: Debugging in LLDB

APIs for the Mobile World

Swift Generics in Theory and Practice

Protocols promised-land-2

Multitasking

Making friendly-microservices

More Than po: Debugging in LLDB @ CocoaConf SJ 2015

The Worst Code

More than `po`: Debugging in lldb

Can't Handle My Scale v2

Can't Handle My Scale

Cocoa Design Patterns in Swift

Mastering the Project File (AltConf)

APIs: The Ugly

That's Not My Code!

Ad

Recently uploaded (20)

PDF

Practical Indispensable Project Management Tips for Delivering Successful Exp...

PDF

novaPDF Pro 11.9.482 Crack + License Key [Latest 2025]

PDF

Visual explanation of Dijkstra's Algorithm using Python

Universidad Nacional de Ingenieria

DOCX

Modern SharePoint Intranet Templates That Boost Employee Engagement in 2025.docx

Sharepoint Designs

PPTX

GSA Content Generator Crack (2025 Latest)

DOC

UTEP毕业证学历认证,宾夕法尼亚克拉里恩大学毕业证未毕业

PDF

Wondershare Recoverit Full Crack New Version (Latest 2025)

PPTX

MLforCyber_MLDataSetsandFeatures_Presentation.pptx

PDF

BoxLang Dynamic AWS Lambda - Japan Edition

Ortus Solutions, Corp

PPTX

Tech Workshop Escape Room Tech Workshop

PDF

Workplace Software and Skills - OpenStax

tranviettoan19672001

PDF

Introduction to Ragic - #1 No Code Tool For Digitalizing Your Business Proces...

PPTX

Cybersecurity: Protecting the Digital World

SURULIAPPANPREMKMAR

PPTX

How to Odoo 19 Installation on Ubuntu - CandidRoot

CandidRoot Solutions Private Limited

PDF

Top 10 Software Development Trends to Watch in 2025 🚀.pdf

PDF

Guide to Food Delivery App Development.pdf

DOCX

How to Use SharePoint as an ISO-Compliant Document Management System

Sharepoint Designs

PDF

Ableton Live Suite for MacOS Crack Full Download (Latest 2025)

PPTX

Python is a high-level, interpreted programming language

PPTX

Cybersecurity-and-Fraud-Protecting-Your-Digital-Life.pptx

Practical Indispensable Project Management Tips for Delivering Successful Exp...

novaPDF Pro 11.9.482 Crack + License Key [Latest 2025]

Visual explanation of Dijkstra's Algorithm using Python

Universidad Nacional de Ingenieria

Modern SharePoint Intranet Templates That Boost Employee Engagement in 2025.docx

Sharepoint Designs

GSA Content Generator Crack (2025 Latest)

UTEP毕业证学历认证,宾夕法尼亚克拉里恩大学毕业证未毕业

Wondershare Recoverit Full Crack New Version (Latest 2025)

MLforCyber_MLDataSetsandFeatures_Presentation.pptx

BoxLang Dynamic AWS Lambda - Japan Edition

Ortus Solutions, Corp

Tech Workshop Escape Room Tech Workshop

Workplace Software and Skills - OpenStax

tranviettoan19672001

Introduction to Ragic - #1 No Code Tool For Digitalizing Your Business Proces...

Cybersecurity: Protecting the Digital World

SURULIAPPANPREMKMAR

How to Odoo 19 Installation on Ubuntu - CandidRoot

CandidRoot Solutions Private Limited

Top 10 Software Development Trends to Watch in 2025 🚀.pdf

Guide to Food Delivery App Development.pdf

How to Use SharePoint as an ISO-Compliant Document Management System

Sharepoint Designs

Ableton Live Suite for MacOS Crack Full Download (Latest 2025)

Python is a high-level, interpreted programming language

Cybersecurity-and-Fraud-Protecting-Your-Digital-Life.pptx

APIs: The good, the bad, the ugly

1. APIs: The good, the bad, the ugly @MicheleTitolo

4. What we’ll cover

5. Documentation

8. Bonus: it’s interactive

11. Docs aren’t updated

13. Documentation?

17. Consistency

18. /users/22445 /products/3156 /movies/127/times

20. Inconsistency

21. /users/22445 /reviews/3156 /times/127 Not review or time id’s

23. “Send GET to /remove to delete”

28. You have all the data you need

30. Endpoint “id” field /products id /products/:id productID /cart product_id

31. Yes, this actually happened

33. We expect certain things

34. ...like image urls having http://

35. ...like dates sent in the same format

36. We expect certain things to not change

38. JSON containing HTML

43. Authentication

45. HTTP Basc Auth over SSL

46. ...when SSL is secure

54. Authorization

56. App requests permissions

58. A single API key

60. Authorization?

66. Error codes

67. Error message in response

68. Human readable error message

70. “There was an error”

78. Using one of the standards

79. Cache-Control

80. If-Modified-Since

83. Manually processing data

89. Consistency

90. Conventions

92. Questions? @MicheleTitolo

93. • JSONSchema, RAML, API Blueprint, • HTTP 1.1 Spec: http://www.w3.org/Protocols/rfc2616/ rfc2616.html • Charles, Postman • http://runscope.com, also http://newrelic.com for backend analytics • Versioning: http://apiux.com/2013/05/14/api- versioning/ Q&A Resources